github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #4131] 关于FRP-0.56.0版本当前依赖库存在的安全漏洞 #3261

New issue
Closed
opened 2026-05-05 14:06:14 -06:00 by gitea-mirror · 2 comments
gitea-mirror commented 2026-05-05 14:06:14 -06:00
Owner
Copy link

Originally created by @YouZiFeiLe on GitHub (Apr 7, 2024).
Original GitHub issue: https://github.com/fatedier/frp/issues/4131

Bug Description

当前FRP 0.56.0版本存在以下依赖库安全漏洞

请将quic-go从0.41.0升级至0.42.0版本及以上
请将go-jose从3.0.1升级至3.0.3版本及以上
请将protobuf从1.31.0升级至1.33.0版本及以上

9df3ab3b2cabafbc32ff3d1104a1843f

frpc Version

0.56.0

frps Version

0.56.0

System Architecture

linux/amd64

Configurations

当前FRP 0.56.0版本存在以下依赖库安全漏洞

请将quic-go从0.41.0升级至0.42.0版本及以上
请将go-jose从3.0.1升级至3.0.3版本及以上
请将protobuf从1.31.0升级至1.33.0版本及以上

Logs

No response

Steps to reproduce

...

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @YouZiFeiLe on GitHub (Apr 7, 2024). Original GitHub issue: https://github.com/fatedier/frp/issues/4131 ### Bug Description **当前FRP 0.56.0版本存在以下依赖库安全漏洞** 请将quic-go从0.41.0升级至0.42.0版本及以上 请将go-jose从3.0.1升级至3.0.3版本及以上 请将protobuf从1.31.0升级至1.33.0版本及以上 <img width="1151" alt="9df3ab3b2cabafbc32ff3d1104a1843f" src="https://github.com/fatedier/frp/assets/70139052/afb42eb6-49cf-4f6d-a607-fc94333e35e7"> ### frpc Version 0.56.0 ### frps Version 0.56.0 ### System Architecture linux/amd64 ### Configurations **当前FRP 0.56.0版本存在以下依赖库安全漏洞** 请将quic-go从0.41.0升级至0.42.0版本及以上 请将go-jose从3.0.1升级至3.0.3版本及以上 请将protobuf从1.31.0升级至1.33.0版本及以上 ### Logs _No response_ ### Steps to reproduce 1. 2. 3. ... ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [X] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror commented 2026-05-05 14:06:17 -06:00
Author
Owner
Copy link

@peace4j commented on GitHub (Apr 9, 2024):

只是0.56.0版本存在这个问题,还是0.56.0以下版本都有这个问题?

<!-- gh-comment-id:2043937146 --> @peace4j commented on GitHub (Apr 9, 2024): 只是0.56.0版本存在这个问题,还是0.56.0以下版本都有这个问题?
gitea-mirror commented 2026-05-05 14:06:18 -06:00
Author
Owner
Copy link

@YouZiFeiLe commented on GitHub (Apr 9, 2024):

只是0.56.0版本存在这个问题,还是0.56.0以下版本都有这个问题?

因为我自己一直追最新版本,之前的docker镜像都删掉了,不是很确定,但是只要没升级到指定版本,那么都会存在安全漏洞

<!-- gh-comment-id:2044026073 --> @YouZiFeiLe commented on GitHub (Apr 9, 2024): > 只是0.56.0版本存在这个问题,还是0.56.0以下版本都有这个问题? 因为我自己一直追最新版本,之前的docker镜像都删掉了,不是很确定,但是只要没升级到指定版本,那么都会存在安全漏洞
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#3261
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?